Solved

Remote office Roaming Profile problems over VPN

Posted on 2006-10-20
7
256 Views
Last Modified: 2010-04-12
Hi,

We have 2 offices linked via an IPSEC VPN - the routers in each office negotiate this.

The head office has several PCs and a Win2000 SBS server. IP address range 192.168.16.0/255.255.255.0
The remote office has several PCs. IP adress range 192.168.19.0/255.255.255.0

All machines are in the same domain, and i can add machines in either office to the domain. Pinging etc all works ok within each office, and also to the other office.
However, when a user logs on in the remote office, the roaming profile can take up to 2 hours to copy! (and they're less than 2Mb!)

Am i missing something, or should the above work?

Is there anything i can check to see what's going on?

Thanks in advance

c
0
Comment
Question by:roundst
  • 3
  • 2
7 Comments
 
LVL 10

Expert Comment

by:plemieux72
Comment Utility
Profiles contain the My Documents folder as well as other potentially large folders.  Just making sure you have redirected folders turned on...  Otherwise, at each logon/logoff, the My Documents folder gets copied down/up to the server containing the profiles.  With redirected folders, you can leave these large folders on the file servers and considerably reduce network traffic during logon/logoff.

Otherwise, maybe it's an incorrect MTU?  What equipment runs your site-to-site VPN?
0
 

Author Comment

by:roundst
Comment Utility
none of the users store stuff in the My Documents folder - only in the appropriate file shares on the main server.

I created a special profile to do the timings which was 1.8Mb in size. I know our link is standard ADSL (at the mo), but we can copy 2Mb data files in a few mins. It just seems to be the logons that cause problems :(

We currently run Billion 7402R2 routers on both ends.. they have been used by me on other projects with no problems.

C
0
 
LVL 10

Accepted Solution

by:
plemieux72 earned 125 total points
Comment Utility
It REALLY sounds like an MTU issue on the routers.  I suggest you lower the maximum segment size to possibly 1400 and possibly even lower and set the MTU to 1452.  I am not familiar with the routers you mention so I wouldn't know how to assist for that however.
0
 

Author Comment

by:roundst
Comment Utility
ok - thanks - will try that.

would changing the netmask to 255.255.0.0 help at all ?

c
0
 
LVL 10

Expert Comment

by:plemieux72
Comment Utility
No.  Changing the mask would resize your IP addressing to a huge subnet which would be unusable...
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now